MIRRORS/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky.git synced 2025-07-19 21:09:03 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

ffmpeg: fix CVE-2022-48434

Browse Source 
The patch for CVE-2022-48434 was removed when ffmpeg was updated to
5.0.3. The CVE was fixed in 5.0.2, but NVD has not updated the affected
versions yet. Added an ignore for this CVE to mark as fixed.

(From OE-Core rev: a8c6e2da68c9fc6c692b41c7370ec937680f788c)

Signed-off-by: Colin Pinnell McAllister <colin.mcallister@garmin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Colin Pinnell McAllister 2025-06-24 15:03:03 -05:00 committed by Steve Sakoman
parent 6964579627
commit ac03ee2932
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
meta/recipes-multimedia/ffmpeg/ffmpeg_5.0.3.bb
View File

@ -86,6 +86,10 @@ CVE_CHECK_IGNORE += "CVE-2024-7272"
# bugfix: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/43be8d07281caca2e88bfd8ee2333633e1fb1a13
CVE_CHECK_IGNORE += "CVE-2025-1373"
# This vulnerability was fixed in 5.0.2
# bugfix: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/3bc28e9d1ab33627cea3c632dd6b0c33e22e93ba
CVE_CHECK_IGNORE += "CVE-2022-48434"
# Build fails when thumb is enabled: https://bugzilla.yoctoproject.org/show_bug.cgi?id=7717
ARM_INSTRUCTION_SET:armv4 = "arm"
ARM_INSTRUCTION_SET:armv5 = "arm"